aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Print info about the used AEAD algorithm in the compliance msg.Werner Koch2022-03-183-5/+18
| | | | | | | | | | | | | | | | | | | | | * g10/misc.c (openpgp_cipher_algo_mode_name): New. * g10/decrypt-data.c (decrypt_data): Use function here. -- Note that openpgp_cipher_algo_mode_name is different from the version 2.2 becuase we append ".CFB" here. Without this change we would see gpg: cipher algorithm 'AES256' may not be used in --compliance=de-vs mode This is confusing because AES256 is compliant. Now we see gpg: cipher algorithm 'AES256.OCB' may not be used in --compliance=de-vs mode which gives a hint on the problem.
* common: New function map_static_stringsWerner Koch2022-03-184-5/+86
| | | | | | | | | * common/mapstrings.c (struct intmapping_s): New. (map_static_strings): New. * common/stringhelp.c (do_strconcat): Rename to ... (vstrconcat): this and make global. * common/t-mapstrings.c (test_map_static_strings): New test.
* gpg: Allow decryption of symencr even for non-compliant cipher.Werner Koch2022-03-185-18/+47
| | | | | | | | | | | | | | | | | | | | | | * g10/decrypt-data.c (decrypt_data): Add arg compliance_error. Adjust all callers. Fail on compliance error only in --require-compliance mode. Make sure to return an error if the buffer is missing; actually that should be an assert. * g10/mainproc.c (proc_encrypted): Delay printing of the compliance mode status. Consult the compliance error now returned by decrypt_data. -- The actual case here is that we fail hard if a message has been AEAD encrypted with one AEAD capable key and also with one passphrase. In general the preference system takes care of not using AEAD if one recipient's key does not support it. However, if the sender uses her own AEAD-capable key _and_ a passphrase the message will be AEAD encrypted. This change allows to decrypt that anyway along with a warning message. Note that this does currently not work in 2.3 due to a non-compliant libgcrypt. We will however, backport this to 2.2.
* common: New flags for gnupg_spawn_processWerner Koch2022-03-183-9/+29
| | | | | | | | | * common/exechelp.h (GNUPG_SPAWN_KEEP_STDIN): New. (GNUPG_SPAWN_KEEP_STDOUT): New. (GNUPG_SPAWN_KEEP_STDERR): New. * common/exechelp-posix.c (do_exec): Add arg flags and implement new flags. * common/exechelp-w32.c (gnupg_spawn_process): Implement new flags.
* common: Fix a race condition removing stale lockfile.NIIBE Yutaka2022-03-181-9/+24
| | | | | | | | | | | * common/dotlock.c (read_lockfile): Return the file descriptor when R_FD is available. (dotlock_take_unix): Check the case the lockfile was already removed. -- GnuPG-bug-id: 5884 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: More heavy test condition for t-dotlock.c.NIIBE Yutaka2022-03-181-4/+21
| | | | | | | | | | | * common/t-dotlock.c (lock_and_unlock): Use usleep and faster. Loop at least once. Use getrandom for random time. (main): Add new option --one-shot to run lock/unlock once. -- GnuPG-bug-id: 5884 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix DEVINFO with no --watch.NIIBE Yutaka2022-03-152-2/+2
| | | | | | | | | * scd/app.c (app_send_devinfo): Fix for outputing once. * scd/command.c (hlp_devinfo): Fix comment. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix previous commit.NIIBE Yutaka2022-03-111-1/+4
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Enhance PASSWD command to accept KEYGRIP optionally.NIIBE Yutaka2022-03-101-3/+8
| | | | | | | | | * scd/command.c (cmd_passwd): Handle KEYGRIP optionally. -- GnuPG-bug-id: 5862 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Use same idiom for same work.NIIBE Yutaka2022-03-101-4/+4
| | | | | | | | | * scd/command.c (cmd_serialno, cmd_getattr): Use 'while' instead of 'for'. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* sign: Construct valid AEAD packets.Jakub Jelen2022-03-091-1/+2
| | | | | | | | | | * g10/sign.c (sign_symencrypt_file): Insert correct version and AEAD information into symkey packet. -- GnuPG-bug-id: 5856 Signed-off-by: Jakub Jelen <[email protected]>
* sm: Fix parsing encrypted data.NIIBE Yutaka2022-03-091-1/+14
| | | | | | | | | | | * sm/minip12.c (cram_octet_string): Finish when N==0. (parse_bag_encrypted_data): Support constructed data with multiple octet strings. -- GnuPG-bug-id: 5793 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: New option --require-complianceWerner Koch2022-03-086-3/+46
| | | | | | | | | | | | * sm/gpgsm.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * sm/gpgsm.h (opt): Add field require_compliance. (gpgsm_errors_seen): Declare. * sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant. * sm/encrypt.c (gpgsm_encrypt): Ditto. * sm/decrypt.c (gpgsm_decrypt): Ditto. --
* gpg: New option --require-compliance.Werner Koch2022-03-085-6/+66
| | | | | | | | | | | | | | * g10/options.h (opt): Add field flags.require_compliance. * g10/gpg.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. (check_sig_and_print): Ditto. * g10/encrypt.c (encrypt_crypt): Ditto. -- Note that in the --encrypt and --verify cased other checks may kick in earlier than this new --require-compliance controlled one.
* gpg: fix --enarmor with zero length source fileJussi Kivilinna2022-03-083-8/+6
| | | | | | | | | | | | | | | | | * common/iobuf.c (filter_flush): Remove "src_len == 0" check. * g10/compress-bz2.c (do_compress): Exit early if flush not forced and input length is zero. * g10/compress.c (do_compress): Likewise. -- Remove "(src_len == 0)" check in filter_flush which was introduced to fix compress failure caused by zero length flush from iobuf_close. However this check broke enarmoring file with length of zero. Patch instead fixes zero length flush problem in compress filters. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* iobuf: add zerocopy optimization for iobuf_writeJussi Kivilinna2022-03-081-6/+75
| | | | | | | | | | | | | | | * common/iobuf.c (filter_flush): Use 'iobuf->e_d' if configured. (iobuf_write): Configure 'iobuf->e_d' for 'filter_flush' if 'iobuf->d.buf' is empty and external buffer is larger than threshold. -- Zero-copy operation in iobuf_write() and filter_flush() allow bypassing 'iobuf->d.buf' for greater performance. This mainly helps OCB performance where additional memory copies through iobuf stack can take significant portion of program time. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* iobuf: add zerocopy optimization for iobuf_readJussi Kivilinna2022-03-082-14/+118
| | | | | | | | | | | | | | | | | | | * common/iobuf.h (iobuf_struct): Add 'e_d' substructure and members. * common/iobuf.c (IOBUF_ZEROCOPY_THRESHOLD): New. (iobuf_alloc): Clear 'iobuf->e_d'. (underflow_target): Use 'iobuf->e_d' when configured to bypass copying through 'iobuf->d.buf'. (iobuf_read): Configure 'iobuf->e_d' for 'underflow' if 'iobuf->d.buf' is empty and external buffer is larger than threshold. -- Zero-copy operation in iobuf_read() and underflow() allow bypassing 'iobuf->d.buf' for greater performance. This mainly helps OCB performance where additional memory copies through iobuf stack can take significant portion of program time. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* g10/cipher-aead: add fast path for avoid memcpy when AEAD encryptingJussi Kivilinna2022-03-081-12/+57
| | | | | | | | | | | | | | | * g10/cipher-aead.c (do_hash): Add faster path for encrypting directly from input buffer instead of memcpying then encrypting inplace. -- When encrypting with AES256.OCB on AMD Ryzen 5800X, memcpy shows as taking largest portion of computation time. Patch adds fast path for AEAD encryption which largely eliminates need for memcpying when doing AEAD encryption. AES256.OCB throughput increases from 2.2GB/s to 4.2GB/s on said system (1.9x faster). GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* g10/decrypt-data: disable output estream buffering to reduce overheadJussi Kivilinna2022-03-081-0/+2
| | | | | | | | | | | | * g10/decrypt-data.c (decrypt_data): Disable estream buffering for output file. -- Here estream is filled with iobuf_copy which already uses large buffers so additional buffering in estream was just adding memory copy overhead. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* g10/plaintext: disable estream buffering in binary modeJussi Kivilinna2022-03-081-1/+23
| | | | | | | | | | | | | * g10/plaintext.c (handle_plaintext): Disable estream buffering in binary modes. -- Since in binary mode, large buffers are passed from source iobuf to target estream, extra buffering in estream only causes extra memory copying and overhead. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* Use iobuf buffer size for temporary buffer sizeJussi Kivilinna2022-03-083-13/+19
| | | | | | | | | | | | | | * common/iobuf.c (iobuf_copy): Use iobuf buffer size for temporary buffers. * g10/plaintext.c (handle_plaintext, do_hash): Likewise. * g10/sign.c (sign_file): Likewise. -- As iobuf will have zerocopy operation for read/write, it is better to use same size buffers as iobuf for temporary copy buffers. GnuPG-bug-id: T5828 Signed-off-by: Jussi Kivilinna <[email protected]>
* gpgtar,w32: Support file names longer than MAX_PATH.Werner Koch2022-03-083-13/+10
| | | | | | | | | | * tools/gpgtar.c: Replace assert by log_assert. * tools/gpgtar-extract.c: Ditto. (extract_regular): Create files with sysopen flag. * tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar. -- Note that for this change libgpg-error 1.45 is required for Windows.
* common,w32: Support file names longer than MAX_PATH in iobuf.Werner Koch2022-03-081-18/+4
| | | | | * common/iobuf.c (direct_open): Use gpgrt_fname_to_wchar. (any8bitchar): Remove.
* common: Fix confusion of get_pk_algo_from_key.NIIBE Yutaka2022-03-041-4/+4
| | | | | | | | | * common/ssh-utils.c (ssh_public_key_in_base64): Fix the constants. -- Fixes-commit: 8e650dbd48fa5fde6d8f08154e6a892d495e9227 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix PK_AUTH with --challenge-response option.NIIBE Yutaka2022-03-042-3/+6
| | | | | | | | | | | * scd/app.c (app_auth): It's only APPTYPE_OPENPGP which supports the challenge response interaction. * scd/command.c (cmd_pkauth): It only wants if it works or not. -- GnuPG-bug-id: 5862 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Add --challenge-response option to PK_AUTH for OpenPGP card.NIIBE Yutaka2022-03-033-26/+201
| | | | | | | | | | | | | | * scd/app-openpgp.c (rmd160_prefix, sha1_prefix, sha224_prefix) (sha256_prefix, sha384_prefix, sha512_prefix): Move the scope up. (gen_challenge): New. (do_auth): Support challenge-response check if it signs correctly. * scd/app.c (app_auth): Remove the check INDATA and INDATALEN. * scd/command.c (cmd_pkauth): Support --challenge-response option. -- GnuPG-bug-id: 5862 Signed-off-by: NIIBE Yutaka <[email protected]>
* g10/encrypt: use iobuf_copy instead of manual iobuf_read/iobuf_writeJussi Kivilinna2022-03-021-9/+3
| | | | | | | | * g10/encrypt.c (encrypt_simple): Use 'iobuf_copy' for no-literal case. -- GnuPG-bug-id: T5852 Signed-off-by: Jussi Kivilinna <[email protected]>
* g10/dearmor: use iobuf_copyJussi Kivilinna2022-03-021-7/+2
| | | | | | | | * g10/dearmor.c (dearmor_file, enarmor_file): Use 'iobuf_copy'. -- GnuPG-bug-id: T5852 Signed-off-by: Jussi Kivilinna <[email protected]>
* scd: Let READKEY support --format=ssh option.NIIBE Yutaka2022-03-023-16/+348
| | | | | | | | | | | | * scd/command.c (do_readkey): Support --format=ssh option. * common/ssh-utils.c (ssh_public_key_in_base64): New. * common/ssh-utils.h (ssh_public_key_in_base64): New declaration. -- Code duplication (agent/command-ssh.c) will be cleaned up later. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10/sign: sign_file: use iobuf_read for higher detached signing speedJussi Kivilinna2022-02-271-2/+2
| | | | | | | | | | | | | | | | | | | * g10/sign.c (sign_file): Use iobuf_read instead of iobuf_get for reading data from detached file. -- This patch reduces iobuf_read per byte processing overhead and speeds up detached signing. Detached signing speed on AMD Ryzen 5800X (4.3GiB file, SHA256): gpg process user time before: 3.951s after: 1.898s (2.0x faster) GnuPG-bug-id: T5826 Signed-off-by: Jussi Kivilinna <[email protected]>
* g10/plaintext: do_hash: use iobuf_read for higher performanceJussi Kivilinna2022-02-271-2/+7
| | | | | | | | | | | | | | | | | | | * g10/plaintext.c (do_hash): Use iobuf_read instead of iobuf_get for reading data; Use gcry_md_write instead of gcry_md_putc for hash data. -- This patch reduces iobuf_read per byte processing overhead and speeds up detached signature verifying. Detached verifying speed on AMD Ryzen 5800X (4.3GiB file, SHA256): gpg process user time before: 9.410s after: 1.913s (4.9x faster) GnuPG-bug-id: T5826 Signed-off-by: Jussi Kivilinna <[email protected]>
* agent: Print the correct daemon name in presence of a --foo-program.Werner Koch2022-02-271-1/+2
| | | | | | | | * agent/call-daemon.c (wait_child_thread): Print the correct name. -- This makes sure that the log print the actual used name if for example --pinentry-program was used.
* agent: New flag "qual" for the trustlist.txt.Werner Koch2022-02-275-18/+33
| | | | | | | | | | * agent/trustlist.c (struct trustitem_s): Add flag "qual". (read_one_trustfile): Rename arg "allow_include" to "systrust" and change callers. Parse new flag "qual". (istrusted_internal): Print all flags. * sm/call-agent.c (istrusted_status_cb): Detect the "qual" flag. * sm/gpgsm.h (struct rootca_flags_s): Add flag "qualified". * sm/certchain.c (do_validate_chain): Take care of the qualified flag.
* dimngr: Do not check the self-signature of a root CA cert.Werner Koch2022-02-271-8/+8
| | | | * dirmngr/validate.c (validate_cert_chain): Comment out that code.
* dirmngr: Support ECDSA for CRLsWerner Koch2022-02-272-12/+92
| | | | | | * dirmngr/crlcache.c (finish_sig_check): Support ECDSA. * dirmngr/validate.c (check_cert_sig): Ditto. Remove the never used support for DSA.
* dirmngr: Support ECDSA for OCSP.Werner Koch2022-02-274-50/+108
| | | | | | | | | | | | * dirmngr/validate.c (pk_algo_from_sexp): Make public. Support ECC. * dirmngr/ocsp.c (check_signature): Remove hash preparation out to ... (check_signature_core): here. This changes the arg s_hash to md. Support ECDSA. -- The test was done with my qualified signature certificate from the Telesec and their responder http://tqrca1.ocsp.telesec.de/ocspr . See also libksba commit rK24992a4a7a61d93759e1dbd104b845903d4589bf
* gpg: Clarify a call of ask_for_detached_datafile.NIIBE Yutaka2022-02-251-1/+1
| | | | | | | | | | | | | | | | | | | * g10/mainproc.c (proc_tree): Call ask_for_detached_datafile with MD2=NULL. -- Here, c->mfx.md2 is always NULL, in fact. But, text-wise (when searching the use of "mfx.md2"), before the change, it used mfx.md2, which is irrelevant in the handling of PKT_ONEPASS_SIG. Note that: One-Pass Signature is not available in PGP2. This fix removes (text-wise) unmatch of the calls of functions hash_datafile_by_fd hash_datafiles, and ask_for_detached_datafile. Fixes-commit: 88a916cdd40e43312ffcde6bb1c157fe1c122f74 Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix the previous commit.NIIBE Yutaka2022-02-231-1/+1
| | | | | | | -- Fixes-commit: 903c5fe369bc4948718a7d2a0e19b1acdb2406c4 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix generating AEAD packet.NIIBE Yutaka2022-02-221-1/+1
| | | | | | | | | * g10/cipher-aead.c (do_free): Fix the condition of the last chunk. -- GnuPG-bug-id: 5853 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd,w32: Print code pages with --show-configsWerner Koch2022-02-211-0/+9
| | | | * tools/gpgconf.c (show_configs): Do it.
* scd:p15: Used extended mode already for RSA 2048Werner Koch2022-02-211-2/+2
| | | | | * scd/app-p15.c (do_sign, do_decipher): Replace GT by GE. --
* sm: Fix use of value NONE in gnupg_isotime_t type.NIIBE Yutaka2022-02-186-7/+18
| | | | | | | | | | | | | | * common/gettime.h (GNUPG_ISOTIME_NONE): New. * sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it. * sm/certlist.c (gpgsm_add_to_certlist): Likewise. * sm/import.c (check_and_store): Likewise. * sm/keylist.c (list_cert_colon, list_cert_raw): Likewise. (list_cert_std): Likewise. * sm/sign.c (gpgsm_sign): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Fix gender of pronoun in German translationIngo Klöcker2022-02-161-1/+1
| | | | | | | -- The phrase refers to an insecure "passphrase" which is translated as "(das) Passwort" (pronoun: "dieses") in German.
* g10/mainproc: avoid extra hash contexts when decrypting MDC inputJussi Kivilinna2022-02-081-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/mainproc.c (mainproc_context): New member 'seen_pkt_encrypted_mdc'. (release_list): Clear 'seen_pkt_encrypted_mdc'. (proc_encrypted): Set 'seen_pkt_encrypted_mdc'. (have_seen_pkt_encrypted_aead): Rename to... (have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for 'seen_pkt_encrypted_mdc'. (proc_plaintext): Do not enable extra hash contexts when decrypting MDC input. -- Avoiding extra hash contexts speeds up CFB/MDC decryption quite a lot. For example, decrypting symmetric-key AES-256 encrypted 4 GiB file from RAM to /dev/null sees ~3.4x speed increase on AMD Ryzen 5800X: AES256.CFB encryption: 783 MB/s AES256.CFB decryption: 386 MB/s (before) AES256.CFB encryption: 1.3 GB/s (after patch) Note, AEAD is still significantly faster: AES256.OCB encryption: 2.2 GB/s AES256.OCB decryption: 3.0 GB/s GnuPG-bug-id: T5820 Signed-off-by: Jussi Kivilinna <[email protected]>
* sm: New option --ignore-cert-with-oid.Werner Koch2022-02-034-0/+54
| | | | | | | * sm/gpgsm.c (oIgnoreCertWithOID): New. (opts): Add option. (main): Store its value. * sm/call-agent.c (learn_cb): Test against that list.
* gpg: Fix for -Wformat when using uint64_t.NIIBE Yutaka2022-02-022-4/+5
| | | | | | | | | | | | | * g10/cipher-aead.c (do_flush): Use PRIu64. * g10/decrypt-data.c (aead_underflow): Likewise. -- Even among LP64 data model machines, uint64_t type may differ; unsigned long or unsigned long long. Only portable way is use of PRIu64. Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Avoid initial delay on the first keyserver access.Werner Koch2022-02-014-3/+13
| | | | | | | | | | | | | | | * dirmngr/dirmngr.c (dirmngr_never_use_tor_p): New. * dirmngr/server.c (ensure_keyserver): Don't even test for the Tor proxy in never-use-tor Mode. * tools/gpgtar-create.c: Include unistd.h to avoid a warning on Windows. -- This delay of 2 or 3 seconds is in particular annoying on Windows. This is now suppressed, as it should be, if --no-use-tor is used. The second patch is unrelated
* sm: Partly revert last commit.Werner Koch2022-02-011-6/+0
| | | | | | | | | * sm/gpgsm.c (set_debug): Remove doubled code. -- It was already there; sorry. Fixes-commit: 51edea995d352a7b557fb0315fa5091dc42065cb
* gpg,sm: Set --verbose and clear --quiet in debug mode.Werner Koch2022-02-012-0/+12
| | | | | * g10/gpg.c (set_debug): Tweak options. * sm/gpgsm.c (set_debug): Ditto.
* ssh: Fix adding an ed25519 key with a zero length comment.Werner Koch2022-01-281-4/+10
| | | | | | | | | | | | | | | | * agent/command-ssh.c (sexp_key_construct): Do not put an empty string into an S-expression. (stream_read_string): Do not not try to a read a zero length block. -- Actually we could handles this different by not putting a comment tag into the s-expression, however this requires more code and at other places we already return "(none)" instead of an empty comment. The second fix is more or less a cosmetic thing to get better error messages in case the underlying read system call returns an error. GnuPG-bug-id: 5794
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 11:53:54 +0000